1
Wayne A Campbell, Jeffrey H Walker: Method and system for detecting intrusion into and misuse of a data processing system. PRC, Lowe Hauptman Gilman & Berner, January 4, 2005: US06839850 (175 worldwide citation)

Disclosed is a Security Indications and Warning (SI&W) Engine usable in conjunction with an audit agent. The audit agent forwards normalized audits to the SI&W Engine. The SI&W Engine groups the normalized audits into related groupings. Gauges are used to count the number of occurrences of audited e ...


2
Jeffrey H Walker: Method and system for reducing the volume of audit data and normalizing the audit data received from heterogeneous sources. PRC, Lowe Hauptman Gopstein Gilman & Berner, October 17, 2000: US06134664 (137 worldwide citation)

A method of reducing the volume of native audit data from further analysis by a misuse and intrusion detection engine is disclosed. Typically, more than ninety percent of the volume of audit information received from heterogeneous operating systems does not need to be analyzed by a misuse and intrus ...